Page History

How do I request an account?

Use the Account Request Form to request the following accounts:

• Google Apps
• Windows Active Directory
• OTP SSH Gateway
• Central Unix
• SCS Cluster

About Google Apps Accounts

These accounts are:

• Free for Lab employees & affiliates.
• Created only if requested. (Ideally, a new employee or someone in the new employee's department will request an account before a new employee's first day of work.)
• Usually created within 24 hours of the request. (A person must be in the Berkeley Lab Identity/LDAP directory before we can create a Google Apps account. The directory receives information about new employees and affiliates once per day from the Human Resources Data Warehouse.)

These accounts include:

...

1. Access to all Google Apps services available at LBNL (e.g. Gmail, Calendar, Docs, Sites, etc.) See

1. http://lbl.gov/google

...

1. for

...

1. more

...

1. information.

...

2. A

...

1. Berkeley

...

1. Lab

...

1. email

...

1. address,

...

1. ("[email protected]"),

...

1. that

...

1. delivers

...

1. to

...

1. a

...

1. Lab

...

1. Gmail

...

1. account

...

1. with

...

1. 25GB

...

1. of

...

1. free

...

1. storage

...

2. An

...

1. LDAP

...

1. username,

...

1. that

...

1. is

...

1. used

...

1. to

...

1. sign

...

1. in

...

1. to

...

1. many

...

1. services

...

1. at

...

1. the

...

1. Lab,

...

1. including:

...

1. Gmail,

...

1. Google

...

1. Docs,

...

1. LETS,

...

1. EH&S

...

1. Training,

...

1. etc.

...

Passwords:

...

New

...

employees

...

typically

...

(ideally)

...

receive

...

their

...

LDAP

...

passwords

...

from

...

the

...

Badge

...

Office

...

when

...

they

...

receive

...

their

...

badges.

...

Some

...

call

...

the

...

Help

...

Desk

...

for

...

a

...

password.

...

Account

...

Termination

...

FAQ

...

What

...

happens

...

to

...

accounts

...

when

...

an

...

employee

...

leaves

...

the

...

lab?

...

We

...

disable

...

the

...

account

...

two

...

days

...

after

...

termination

...

and

...

delete

...

it

...

30

...

days

...

after

...

termination.

{:=

Expand
title	Click	here	to	read	more	about	our	account	termination	process...
The Termination Notification System }The Termination Notification System (TNS) manages your Berkeley Lab Identity/LDAP, which authenticates to Google Apps ( Gmail, Calendar, etc) , eRoom, Webspace and a variety of business applications (such as JHQ and HR Self-Service). TNS also manages your IT Division Active Directory account. The TNS initiates the following actions based on status code changes in the Human Resources Information System (HRIS): * An email notifies the following groups that the terminated employee’s account will be disabled two business days and then deleted 30 business days after the effective date of termination in HRIS: ** Employee’s Supervisor. The supervisor can request a change in the timeline or special handling of data associated with the accounts via a web-based form. ** Employee ** Applicable Division termination email list. This is in the form of Employee Applicable Division termination email list. This is in the form of HRTERM-XX, where XX is the division or department. For example, HRTERM-IC is used for the IT Division. Click here for information on the HRTERM lists. * Another email notifies three mail lists: [email protected] (telephone services), [email protected], and [email protected]. * Generates a Help Desk request to disable account two business days after the effective date of termination in HRIS: * Generates a Help Desk request 30 business days after the effective date of termination in HRIS. The ticket goes to each system administrator responsible for various computer services used by the terminated employee. The ticket notifies the administrator that accounts and data associated with the person will be deleted. +[+ TNS-process.pdf +|Account Management^TNS-process.pdf]+ : TNS Process Flow {expand} h4. How do you change the default dates for account Flow

How do you change the default dates for account disable/deletion?

...

The

...

disable/delete

...

sequence

...

can

...

be

...

delayed

...

for

...

a

...

month

...

-

...

if

...

the

...

person

...

is

...

transitioning

...

between

...

guest

...

and

...

career

...

status

...

and

...

the

...

termination

...

action

...

is

...

an

...

artifact

...

of

...

our

...

HR

...

system

...

processes.

...

Two

...

types

...

of

...

people

...

may

...

change

...

the

...

default

...

dates

...

for

...

a

...

Terminee:

...

1. Terminee's

...

1. Sponsor.

...

1. The

...

1. initial

...

1. Sponsor

...

1. is

...

1. the

...

1. supervisor

...

1. of

...

1. record

...

1. in

...

1. HRIS.

...

1. The

...

1. Sponsor

...

1. is

...

1. responsible

...

1. for

...

1. the

...

1. disposition

...

1. of

...

1. data

...

1. and

...

1. the

...

1. removal

...

1. of

...

1. the

...

1. Terminee's

...

1. account.

...

1. The

...

1. Sponsor

...

1. can

...

1. delegate

...

1. sponsorship

...

1. to

...

1. an

...

1. active

...

1. employee,

...

1. making

...

1. that

...

1. employee

...

1. the

...

1. new

...

1. Sponsor.

...

2. Surrogates.

...

1. Each

...

1. level

...

1. 1

...

1. org

...

1. code

...

1. can

...

1. create

...

1. a

...

1. list

...

1. of

...

1. one

...

1. or

...

1. more

...

1. Surrogates.

...

1. A

...

1. Surrogate

...

1. is

...

1. an

...

1. employee

...

1. who

...

1. is

...

1. authorized

...

1. to

...

1. act

...

1. on

...

1. behalf

...

1. of

...

1. any

...

1. Sponsor

...

1. in

...

1. that

...

1. level

...

1. 1

...

1. org

...

1. code.

...

1. The

...

1. Surrogate

...

1. can

...

1. view

...

1. and

...

1. update

...

1. data

...

1. for

...

1. any

...

1. Terminee

...

1. belonging

...

1. to

...

1. any

...

1. Sponsor

...

1. in

...

1. that

...

1. level

...

1. 1.

...

How

...

do

...

you

...

immediately

...

disable

...

an

...

account?

...

Call

...

the

...

HelpDesk

...

to

...

immediately

...

disable

...

an

...

account

...

(sometimes

...

called

...

Emergency

...

TNS

...

or

...

Expedited

...

TNS).

...

Supervisors

...

working

...

with

...

HR

...

Centers,

...

Security

...

and

...

Emergency

...

Operations,

...

and

...

Computer

...

Security

...

can

...

initiate

...

an

...

Emergency

...

TNS.

...

Can ex-employees

...

retain

...

accounts?

...

Former

...

employees

...

may

...

not

...

retain

...

accounts

...

unless

...

a

...

Lab

...

employee

...

sponsors

...

them

...

as

...

an

...

LBNL

...

"affiliate".

...

Being

...

an

...

affiliate

...

ensures

...

that

...

an

...

LBNL

...

employee

...

takes

...

responsibility

...

for

...

use

...

of

...

the

...

account.

...

Berkeley

...

Lab

...

Identity

...

not

...

only

...

provides

...

email

...

or

...

collaboration

...

access,

...

it’s

...

a

...

commitment

...

of

...

institutional

...

resources.

...

As

...

a

...

result,

...

we

...

enforce

...

stricter

...

rules

...

for

...

these

...

accounts.

...

If

...

you

...

plan

...

to

...

become

...

an

...

affiliate,

...

encourage

...

your

...

supervisor

...

to

...

notify

...

their

...

Administrative

...

and

...

Human

...

Resource

...

Support

...

Staff

...

in

...

advance

...

of

...

the

...

termination.

...

Advance

...

planning

...

will

...

allow

...

the

...

transition

...

to

...

be

...

seamless

...

and

...

to

...

avoid

...

delays

...

incurred

...

because

...

of

...

TNS.

...

Can

...

I

...

have

...

my

...

email

...

forwarded?

...

You

...

may

...

request

...

email

...

forwarding

...

for

...

up

...

to

...

one

...

year.

...

Contact

...

the

...

HelpDesk.

...

What

...

happens

...

when

...

an

...

employee

...

is

...

on

...

leave?

...

Leave

...

status

...

does

...

not

...

disable

...

institutional

...

accounts

...

or

...

generate

...

a

...

TNS

...

action.

...

However,

...

managers

...

may

...

request

...

removal

...

of

...

specific

...

privileges

...

or

...

account

...

suspension,

...

depending

...

on

...

the

...

situation.

...

For

...

example,

...

the

...

manager

...

of

...

someone

...

with

...

substantial

...

privileges

...

for

...

financial

...

transactions

...

might

...

request

...

suspension

...

of

...

the

...

role

...

if

...

the

...

employee

...

goes

...

on

...

extended

...

leave.

...

To

...

initiate

...

this

...

request,

...

contact

...

the

...

functional

...

owner

...

of

...

the

...

application.

...

In

...

all

...

cases,

...

the

...

employee's

...

manager

...

may

...

request

...

to

...

deactivate

...

accounts

...

while

...

the

...

person

...

is

...

on

...

leave.

...

To

...

deactivate

...

an

...

account,

...

contact:

...

1. HelpDesk

...

1. (to

...

1. deactivate

...

1. institutional

...

1. accounts)

...

2. Local

...

1. system

...

1. administrator

...

1. (to

...

1. deactivate

...

1. local

...

1. accounts)

...

2. Functional

...

1. owners

...

1. (to

...

1. suspend

...

1. particular

...

1. application

...

1. roles)

...

How

...

do

...

I

...

access

...

the

...

account

...

of

...

a

...

terminated

...

employee

...

or

...

someone

...

on

...

extended

...

leave?

...

Open

...

a

...

ticket

...

at

...

help.lbl.gov

...

and

...

they

...

will

...

route

...

the

...

request

...

appropriately

...

in

...

compliance

...

with

...

our

...

Privacy,

...

Monitoring,

...

and

...

Access

...

without

...

Consent

...

policy.